Versions Compared

Old Version 5

changes.mady.by.user Salvatore D'Agostino

Saved on

compared with

New Version 6

changes.mady.by.user Mark Lizar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The resulting audit is then used for assessing conformance with an ISO/IEC 29184 Online Privacy Notice and Consent control.  In order to demonstrate how the ANCR Notice Record for assessing conformance when creating a digital identifier and processing personal data.



Field - name, description, reference  

PISP - Privacy Information Service Point 

  • there are different performance levels for privacy information access and rights which is captured in this assessment, 
    • Performance 
      • if online and access is provided with a PISP which is an api access fore in context privacy then privacy information and controls can be dynamic
        • this field has dynamic,
        • out-of-band,
        • static
      • Access Conformance 
        • access to information in the information according to context
          • linked data - 
    • Confromance 
      • a) if using standards, information access has a higher level of transparency 
        • a person, 
        • self-service
        • bot 
        • mailbox
        • answering machine
        • email 
    • b)

Consent Type 



Glossary

(Note: refer to ISO/IEC 29100 for terms, unless they are specified here to further extend terms or definitions in a more granular manner,


Consent Types: 

  • not required
  • Implied
  • implicit
  • expressed
  • explicit
  • Altruistic 

Notice

in this document  a) refers broadly to any privacy or surveillance notice, notification or disclosure,  b) a notice that is  presented or represented in a layered information fashion and a linked manner according to context 

Layered Notice

  • ISO/IEC References for Notice 
    • ISO 29184 
  • Notice Signal
  • Notice pop-up
  • notice statement 
  • notice privacy overview
  • notice privacy policy 

Research Findings:

  • people are unable to natively use digital identifiers, credentials or digital wallets.  e.g. unable to use a computer or phone to download a QR code, for a wide spectrum of accessibility issues 


Instructions 

  1. Read a notice 
    1. collect down capture the name of the notice provider and enter this into the PII Controller Name field
    2. collect down the PII Controller Address
    3. collect contact information 
      1. what type - use appendix to indicate dynamic, out-of band, static, in person active
    4. collect link to privacy policy 
    5. collect any links to privacy access information 
  2. Indicate in which concentric manner data has been 
  3. Capture the legal justifications for processing 
  4.  Capture the Notice
    1.  indicate what the expected consent type is  prior to the notice
    2. indicate if personal identifiers are collected prior to presenting the notice
  5. Indicate the legal justification from the 6 categories - 
  6. indicate the personal data is sensitive 
  7. capture purpose description 
  8. capture the authorization scope
    1. frequency 
    2. duration

...


Q's to add

  • is the notice linked
  • is there notice of risk and harms

...

  • ?
  •  is there a privacy information service point / api for dynamic data controls?

Use Case: privacy cafe

  • Privacy Cafe Narrative
    • Scenario 1 imagine - first time to a privacy cafe
      • new country, differ language, different types of coffee, different currency, different technology, different measures, different indegrediants eg. type of sugar, cream, milk and cup size measures
    • Scenario 2 - a known regular at a privacy cafe close to your home or work 
      • the user experience with high level of consent
    • Scenario 3 - Digitally Twinning both scenarios for governance online
      • withdraw consent
      • access to use surveillance 
      • getting a report on who benefits from personal data in the cafe, out of the cafe
  • Main functionality point is focused on dynamic privacy performance in proprotion to the surveillance 
    • this transfers liability, and enable people with controls to mitigate risk 
    • difference between Permission for a purpose, or permission for a data base field - 
      • having to go into each service and change or withdraw permission -
      • or pressing one button to withdraw consent, for many services  
  • For Example the Priavcy Cafe 
    • Human XU - physical governance defaults - Notice for this 
      • in this context - there can be consent
    • Using the video surveillance in (or public camera outside) a privacy cafe to make a police report 
    • Privacy Cafe, making the session cookie for the web server - 


Field Name

Type

PII(Y)

Field Label

Description 

Required/Optional

version

string


Schema Version

The version of specification used to which the receipt conforms. To refer to this version of the specification, the string "v1" or the IRI "https://w3id.org/OPN/v1" should be used.

Required

profile

string


OPN Privacy Profile URI

Link to the controller's profile in the OPN registry. 

Required

Notice Receipt

string 


Type of Notice Receipt

Label Notice Receipt 

Required

id

string


Receipt ID

A unique number for each Notice Receipt. SHOULD use UUID-4 [RFC 4122].

Required

timestamp

integer


Timestamp

Date and time of when the notice was generated and provided. The JSON value MUST be expressed as the number of seconds since 1970-01-01 00:00:00 GMT (Unix epoch).

Required

key

string


Signing Key

The Controller’s profile public key. Used to sign notice icons, receipts and policies for higher assurance.

Optional

language

string


Language

Language in which the consent was obtained. MUST use ISO 639-1:2002 [ISO 639] if this field is used. Default is 'EN'.

Required

controllerID

string


Controller Identity

The identity (legal name) of the controller.

Required




Controller Address

jurisdiction

string


Legal Jurisdiction

The jurisdiction(s) applicable to this notice

Required

controllerContact

string


Controller Contact

Contact name of the Controller. Contact could be a telephone number or an email address or a twitter handle.

Required

notice

string


Link to Notice

Link to the notice the receipt is for 

Optional

policy

string


Link to Policy

Link to the policies relevant to this notice e.g. privacy policy active at the time notice was provided

Required

context

string


Context

Method of notice  presentation, sign, website pop-up etc

Optional




Receipt TypeThe human understandable label for a record or receipt for data processing.  This is used to extend the schema with  profile for the type of legal processing - and is Used to identify data privacy rights and controls 



Notice Text 



Accountable Person Role









...